Then there is the suspect bucket; these are a little bit more interesting cases where the system is saying 'Maybe. This might be suspect and this is why.' The order scored poorly in our algorithms.
If the scoring on each order goes at or above 2,000 points, that will kick into manual review. Our team of analysts will go through and make a determination on whether or not to allow, reject or put on hold until we can get further verification on the order.
What are the points based on?
There are about 300 algorithms turned on. It can go anywhere from they didn't capitalize first and last name or the billing address. Also let's say they put their name as Fred Derf. It will fire on easy keys. Things like that. Rules that add more weight is the CVV code on the back of card failed, or the AVS code failed.
More substantial rules include the IP address. We have a list of high -risk countries because we are global. Places like Nigeria, Ghana, Vietnam. While we get a lot of business from there, we also get a lot of fraud from there. So we review every order that comes from there; we review the billing address or IP address or where the credit card is coming from. Or let's say the browsers language is configured to Vietnamese. Any of these things will make an order get flagged for review.
What are the more common types of fraud you deal with?
We are global, so we see a lot of different kinds of fraud. We'll see international frauders, whether in Ghana or Nigeria, or further east, like Vietnam, Malaysia, Turkey, trying to fraud credit cards out of the U.S. The U.S. has many more credit cards out there. Someone from third-world country like Nigeria can't very well steal from his neighbors because his neighbors are just as poor as he is. So we see a lot of fraud coming from third-world countries where they are trying to defraud someone from a country with more money and commerce. Usually they are trying to buy an intangible service, like an immediate download or maybe a membership, a hosting service. We see that a lot.
We also see scenarios where a presumed vendor will open an account and start getting some orders in. Often times we find if a frauder gets that first one or two orders in and stops there, they may be successful. But the greedier he becomes, and starts getting three, five, ten or more orders in, we are going to catch him. That's when we can usually connect it with other places within 2Checkout.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.